[Samba] LDAP PDC problems
Edoardo Causarano
edoardocausarano at tin.it
Thu Sep 12 15:51:57 GMT 2002
Christopher Odenbach wrote:
>Hi,
>
>
>
>>You suggest disabling acls on the profiles? I'll experiment ASAP but
>>I'm curious to know how that might help.
>>Anyhow I don't think the linux fs has acls for those dirs, just plain
>>UGO permissions. Also, domain admins profiles are in the same dir but
>>for them all is fine. I suspect the users are in the wrong group, but
>>I'm always open to discussion.
>>
>>
>
>See docs/README.Win2kSP2
>
Ok, but the profiles reside on the Samba PDC and we have NT4sp6a (could
any M$ hotfix be @ fault).
Also, the clients don't complain for not being able to acccess the
share but some applications simply barf mysteriously. Anyway, I
understand that the sid my NT4 sprinkles around the profile is the
PDCsid/uid which is now != because of the uid shift I made to clear the
< 1024 special uids that NT4 expects to find. Could this mismatch be the
cause of all evils? Well, the README suggestion seems applicable also to
my case.
I'll inform the list as soon as I apply the change and if positive I
think this should go in an 'migration to LDAP' howto. BTW. Ldapsam
requires those special groups to explicitly appear in the directory.
This is clear in the smbldap-tools but not in the SWAT accessible howto.
Explicit notice of this and of the current quirk I'm experiencing should
be noted in such an entry (IMHO).
Ciao,
Edo
More information about the samba
mailing list